Deloitte | India Offices of the US

Cyber

Deloitte Cyber understands the unique challenges and opportunities businesses face in cybersecurity. Join our team to deliver powerful insights to help our clients navigate the ever-changing threat landscape. Through powerful insights and managed services that simplify complexity, we enable businesses to operate with resilience, grow with confidence, and proactively manage to secure achievements.

Position Summary

Level: Solution Delivery Advisor

Work you’ll do:

• Develop automation playbooks using modern SOAR Platforms (for example, Tines, Splunk SOAR, Swimlane, Palo XSOAR) to support Security Operations
• Design and Develop Integration solutions to other security appliances and not limiting to Exabeam, Chronical, Crowdstrike, Splunk ES by leveraging SOAR Platform
• Test, customize and master APIs for off-the-shelf and common security and IT tools
• Maintain a solid understanding of the Cyber Security Operation Center (people, process, SIEM technology), goals, and security initiatives
• Identify and recommend operational improvements to the Deloitte Cyber Service, drawing on SOC operational experience and industry specific knowledge of risks
• Manage any in scope solution projects (integration/ implementations)
• Manage communications with vendors, 3rd party service providers, Deloitte leadership, and client personnel when required
• Analyze complex issues to determine client impact and to suggest alternative solutions based on client needs and objectives
• Adhere to internal operational security and other Deloitte policies
• Contribute to team and organizational improvements in process and infrastructure 

The team:

Deloitte’s Detect & Respond (D&R) aims to combine sophisticated technologies and human intelligence to help the clients monitor, detect, investigate, and respond to known and unknown attacks. We help our clients to be secure, vigilant, and resilient in the face of an ever-increasing array of cyber threats and vulnerabilities. The Detect and Respond team delivers service to clients through following key areas:

• Threat detection and response
• Attack surface management
• Threat Intelligence
• Threat Hunting
• Data Protection

Qualifications

Must Have Skills/Project Experience/Certifications:

• Understanding of the Agile software development life cycle: Analysis, Design, Coding, Testing and promotion into Production.
• 3+ years' work experience as a Functional Programming Language Developer (“Python or JavaScript Preferred”)
• Understanding how modern software architectures works (client-server, Web technology, micro-services) Understanding of SOAR technologies (Security Orchestration and Automation Response) and should have hands-on experience in building playbooks and automations
• Understanding of common network infrastructure devices such as routers and switches
• Understanding of basic networking protocols such as TCP/IP, DNS, HTTP
• Basic knowledge of cloud infrastructure and operations, system security architecture, and security solutions
• Strong programming experience solving technical challenges
• Database technologies proficiency: SQL, NoSQL, or PostgreSQL
• Understand multi-process architecture
• Professional experience with Code Repositories and Version Control “GitHub Preferred” 

Good to Have Skills/Project Experience/Certifications:

• 3+ years working in security information and/or technology engineering support experience
• Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Incident Handler (GCIH), Certified Ethical Hacker (CEH) or equivalent
• Experience with security operations technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, network- and host- based firewalls, Threat Intelligence, Penetration Testing, Advanced Persistent Threats (APT)
• Strong understanding of threat analysis and enterprise level mitigation strategies and frameworks like “MITRE”
• Working knowledge of cyber threats, defenses, motivations, and techniques
• Excellent interpersonal and organizational skills
• Excellent oral and written communication skills
• Strong analytical and problem-solving skills
• Self-motivated to improve knowledge and skills
• An ardent desire to understand the root cause of security incidents along with identification of threat vectors
• Knowledge of web application frameworks: Flask, Django etc. for dashboard/ widget development 

Education:

• Bachelor’s degree is required. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology.